Computer Security Final Set 1
A consequence of a buffer overflow error is _____
All of the Above (- corruption data used by the program - unexpected transfer of control in the program - possible memory access violation)
Confidentiality, Integrity, and Availability form what is often referred to as the
CIA Triad
_____ is the scrambled message produced as output
Ciphertext
_____ aim to prevent or detect buffer overflows by instrumenting programs when they are compiled.
Compile-time defenses
A loss of _____ is the unauthorized disclosure of information
Confidentiality
The purpose of the ______ algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages
Diffie-Hellman Key Agreement
_____ attacks have several approaches, all equivalent in effort to factoring the product of two primes
Mathematical
The _____ used a buffer overflow exploit in "fingerd" as one of its attack mechanisms
Morris Internet Worm
_____ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
Privacy
_____ is a block cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n.
RSA
_____ are analogous to a burglar guessing a safe combination by observing how long it takes to turn the dial from number to number
Timing attacks
Replay, masquerade, modification of messages, and denial of service are example of _________ attacks
active
A(n) _____ is a threat that is carried out and , if successful, leads to an undesirable violation of security, or threat consequence.
attack
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.
attack
A loss of _____ is the disruption of access to or use of information or an information system
availability
If a valid user is denied access, the error is of type _____
availability
A ______ is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.
brute-force attack
_____ defenses aim to harden programs to resist attacks in new programs
compile-time
An encryption scheme is ______ if the cost of breaking the cipher exceeds the value of the encrypted information and/or the time required to break the cipher exceeds the useful lifetime of the information
computationally secure
A(n) _____ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
countermeasure
A(n) _____ is any means taken to deal with a security attack
countermeasure
A ______ attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used
cryptanalytic
Transmitted data stored locally are referred to as _____
data at rest
The _____ is the encryption algorithm run in reverse.
decryption algorithm
The _____ prevents or inhibits the normal use or management of communications facilities.
denial of service
On average, __________ of all possible keys must be tried in order to achieve success with a brute-force attack.
half
A many-to-one function with fixed output that is hard to reverse is a(n)
hash function
The purpose of a _____ is to produce "fingerprint" of a file, message, or other block of data
hash function
The _____ is typically located above the program code and global data and grows up in memory (while the stack grows down toward it)
heap
A _____ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assests, or individuals
high
An example of _____ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.
masquerade
Release of message contents and traffic analysis are two types of _________ attacks.
passive
A(n) _____ is an attempt to learn or make use of information from the system that does not affect system resources.
passive attack
The original message or data that is fed into the algorithm is ______
plaintext
_____ defenses aim to detect and abort attacks in existing programs
run-time
The function of ______ was to transfer control to a user command-line interpreter, which gave access to any program available on the system with the privileges of the attacked program.
shellcode
A stack buffer overflow is also referred to as ______
stack smashing
A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a _____
vulnerability
